If somebody saw that a hacker had your password, you could believe they had more dirt beyond that password said Hautlala. You might not be worried about your non-existent porn history being used, but you might be worried about something happening to someone you love. We could see different variations of this.

In Julie Watts’ case, the scammers used an old password she hadn’t used in years, likely something purchased on the dark web following a data breech.

By visiting on to the haveibeenpwned.com website, users can see if their email addresses and passwords have been compromised over the years in several breaches dating back to 2013, including Adobe, Dropbox, LinkedIn and MySpace.

And with an increasing number of data breaches and easy access to other personal information online, it’s likely the new “I know your password” twist will only get more sophisticated.

If a hacker wanted to spend more money to buy something new, you might get an email that’s a bit more convincing that has your current password or something really recent, said Hautlala.

The bottom line? Your best bet is to ignore the emails demanding money. Even if they appear to have personal information, don’t engage with the sender.

Security experts recommend a password manager that creates a unique passwords for each account. If your password are secure you’re less likely to encounter these scams.

And in general, it’s a good idea to keep you web cameras covered when not in use, just in case.